Merge "Fix TOTP view redirection"

2025-09-15 10:29:32 +00:00
parent 54f710ff81 090108723c
commit 3b6a6d8ea7
2 changed files with 13 additions and 1 deletions
--- a/openstack_auth/tests/unit/test_auth.py
+++ b/openstack_auth/tests/unit/test_auth.py
@@ -1490,6 +1490,10 @@ class OpenstackAuthTestsTOTP(test.TestCase):

        self.data = data_v3.generate_test_data()

+        session = self.client.session
+        session['receipt'] = 'fake-receipt'
+        session.save()
+
    def get_form_data(self, user):
        return {'region': "default",
                'domain': DEFAULT_DOMAIN,
--- a/openstack_auth/views.py
+++ b/openstack_auth/views.py
@@ -504,7 +504,7 @@ class TotpView(edit_views.FormView):
    template_name = 'auth/totp.html'
    form_class = forms.TimeBasedOneTimePassword
    success_url = settings.LOGIN_REDIRECT_URL
-    fail_url = "/login/"
+    fail_url = settings.LOGIN_URL

    def get_initial(self):
        return {
@@ -515,6 +515,14 @@ class TotpView(edit_views.FormView):
            'domain': self.request.session.get('domain'),
        }

+    def get(self, request, *args, **kwargs):
+        if request.user.is_authenticated:
+            return django_http.HttpResponseRedirect(self.success_url)
+        receipt = request.session.get('receipt')
+        if not receipt:
+            return django_http.HttpResponseRedirect(self.fail_url)
+        return super().get(request, *args, **kwargs)
+
    def form_valid(self, form):
        auth.login(self.request, form.user_cache)
        res = django_http.HttpResponseRedirect(self.success_url)